CVE-2025-40031

UNKNOWN 0.0

tee: fix register_shm_helper()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: tee: fix register_shm_helper() In register_shm_helper(), fix incorrect error handling for a call to iov_iter_extract_pages(). A case is missing for when iov_iter_extract_pages() only got some pages and return a number larger than 0, but not the requested amount. This fixes a possible NULL pointer dereference following a bad input from ioctl(TEE_IOC_SHM_REGISTER) where parts of the buffer isn't mapped.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Oct 28, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

7bdee41575919773818e525ea19e54eb817770af < 9338093db954918558677a468d32e77041c65167 7bdee41575919773818e525ea19e54eb817770af < 6a7874ab814ce12003c46a92f7afc9b035c8e8e9 7bdee41575919773818e525ea19e54eb817770af < d5cf5b37064b1699d946e8b7ab4ac7d7d101814c

Linux / Linux

6.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/9338093db954918558677a468d32e77041c65167 git.kernel.org: https://git.kernel.org/stable/c/6a7874ab814ce12003c46a92f7afc9b035c8e8e9 git.kernel.org: https://git.kernel.org/stable/c/d5cf5b37064b1699d946e8b7ab4ac7d7d101814c